Lucene search
K

214 matches found

Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.7 views

PT-2026-6344

The Login Disable module prevents users from logging in to your Drupal site unless they know the access key to add to the end of the login form page. default: If they provide the access key and have a specific role they can log in. The module does not check for the access key when using the HTTP...

5.4AI score
Exploits0References2
Drupal
Drupal
added 2026/02/04 12:0 a.m.12 views

Login Disable - Less critical - Access bypass - SA-CONTRIB-2026-008

The Login Disable module prevents users from logging in to your Drupal site unless they know the access key to add to the end of the login form page. default: http://example.com/user/login?admin If they provide the access key and have a specific role they can log in. The module does not check for...

4.3CVSS5.5AI score0.00202EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/04 12:0 a.m.13 views

PT-2026-6544

The Login Disable module prevents users from logging in to your Drupal site unless they know the access key to add to the end of the login form page. default: If they provide the access key and have a specific role they can log in. The module does not check for the access key when using the HTTP...

5.4AI score0.00202EPSS
Exploits0References3
OSV
OSV
added 2026/02/03 5:37 p.m.7 views

GHSA-R54G-49RX-98CR RustFS Logs Sensitive Credentials in Plaintext

Summary RustFS logs sensitive credential material access key, secret key, session token to application logs at INFO level. This results in credentials being recorded in plaintext in log output, which may be accessible to internal or external log consumers and could lead to compromise of sensitive...

6.9CVSS5.5AI score0.00245EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/01/29 7:54 p.m.5 views

CVE-2026-22806

vCluster Platform provides a Kubernetes platform for managing virtual clusters, multi-tenancy, and cluster sharing. Prior to versions 4.6.0, 4.5.4, 4.4.2, and 4.3.10, when an access key is created with a limited scope, the scope can be bypassed to access resources outside of it. However, the user...

9.1CVSS5.9AI score0.00444EPSS
Exploits0References2Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/09 12:40 p.m.6 views

CVE-2023-43784

Plesk Onyx 17.8.11 has accessKeyId and secretAccessKey fields that are related to an Amazon AWS Firehose component. NOTE: the vendor's position is that there is no security threat...

7.5CVSS6.9AI score0.00473EPSS
Exploits0References1
CVE
CVE
added 2025/12/12 7:57 p.m.11 views

CVE-2024-58311

Dormakaba Saflok System 6000 is affected by CVE-2024-58311 due to a predictable key generation algorithm that lets an attacker derive card access keys from a 32-bit card identifier. The underlying issue is a deterministic key derivation process, enabling key computation without requiring addition...

9.8CVSS6.5AI score0.00374EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/27 8:15 p.m.6 views

EUVD-2025-33395

BBOT's gitlab.py exposes globally configured "gitlab" API key...

4.7CVSS6.4AI score0.00213EPSS
Exploits0References3
OSV
OSV
added 2025/10/27 8:15 p.m.7 views

GHSA-P3V4-C93G-CMHW BBOT's gitlab.py exposes globally configured "gitlab" API key

Summary bbot's gitlab.py sends the user's "gitlab" API key to on-premise GitLab instances. If a user has configured a gitlab.com API key using this mechanism, it may be leaked to an attacker-controlled server. Impact A user with a "gitlab" API key configured who uses bbot to scan a malicious...

4.7CVSS6.6AI score0.00213EPSS
Exploits0References4
CVE
CVE
added 2025/10/09 3:46 p.m.17 views

CVE-2025-10282

BBOT's gitlab module exposes GitLab API keys by using a maliciously formatted git URL, leading to information exposure to an attacker-controlled server. Multiple sources (including Red Hat CVE entry and accompanying advisories) describe the issue as a leak of the user’s API key when bb ot process...

4.7CVSS6.3AI score0.00213EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/09 12:0 a.m.9 views

PT-2025-41395

Name of the Vulnerable Software and Affected Versions BBOT affected versions not specified Description The gitlab module in BBOT may allow an attacker to disclose a GitLab API key to a server under their control by using a maliciously formatted git URL. This could potentially lead to unauthorized...

4.7CVSS5.8AI score0.00213EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2025/10/09 12:0 a.m.6 views

PT-2025-41394

Name of the Vulnerable Software and Affected Versions BBOT affected versions not specified Description The git clone module in BBOT may allow an attacker to disclose a GitHub API key to a server they control by using a maliciously formatted git URL. The issue involves the potential exposure of th...

4.7CVSS5.8AI score0.00213EPSS
Exploits0References12
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-0607

Malware in sbrugna...

6.8CVSS6.3AI score0.02464EPSS
Exploits1References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-15613

Malware in sbrugna...

6.5CVSS6.4AI score0.00692EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2020-20285

Malware in sbrugna...

7.1CVSS6.9AI score0.0031EPSS
Exploits0References11
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2004-2722

Malware in sbrugna...

4.3CVSS6.4AI score0.0401EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2014-4939

Malware in sbrugna...

6.8CVSS6.7AI score0.00573EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2018-15699

Malware in sbrugna...

7.5CVSS7AI score0.00398EPSS
Exploits2References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-0909

Malware in sbrugna...

10CVSS8.7AI score0.01412EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-3402

Malware in sbrugna...

9.3CVSS8.5AI score0.02103EPSS
Exploits0References5
Rows per page
Query Builder